Overview

Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE)

Read more

Prerequisites

There are currently no prerequisites for this course but having a basic understanding of Network Security will help.

Read more

Learning Outcomes

  • Network security controls, protocols and devices
  • Security policies for your organisation
  • Choosing appropriate firewall solution, topology and configurations
  • Risk and vulnerability assessment
  • First response to a network security incident
Read more

Course Outline

Module 01: Computer Network and Defense Fundamentals

  • Network Fundamentals
  • Network Components
  • TCP/IP Networking Basics
  • TCP/IP Protocol Stack
  • Ethernet
  • IP Addressing
  • Computer Network Defense (CND)
  • CND Triad
  • CND Process
  • CND Actions
  • CND Approaches

Module 02: Network Security Threats, Vulnerabilities, and Attacks

  • Essential Terminologies
  • Network Security Concerns - Where they arises from?
  • Network Security Vulnerabilities
  • Network Reconnaissance Attacks
  • Network Access Attacks
  • DNS Cache Poisoning
  • Denial of Service (DoS) Attacks
  • Distributed Denial-of-Service Attack (DDoS)
  • Malware Attacks

Module 03: Network Security Controls, Protocols, and Devices

  • Fundamental Elements of Network Security
  • Network Security Controls
  • Mandatory Access Control (MAC)
  • User Identification, Authentication, Authorization and Accounting
  • Types of Authorization Systems
  • Authorization Principles
  • Cryptography
  • Security Policy
  • Network Security Devices
  • Proxy Tools
  • Network Security Protocols

Module 04: Network Security Policy Design and Implementation

  • What is Security Policy?
  • Hierarchy of Security Policy
  • Typical Policy Content
  • Internet Access Policies
  • Acceptable-Use Policy
  • User-Account Policy
  • Remote-Access Policy
  • Information-Protection Policy
  • Firewall-Management Policy
  • Special-Access Policy
  • Network-Connection Policy
  • Business-Partner Policy
  • Email Security Policy
  • Passwords Policy
  • Physical Security Policy
  • Information System Security Policy
  • Bring Your Own Devices (BYOD) Policy
  • Software/Application Security Policy
  • Data Backup Policy
  • Confidential Data Policy
  • Data Classification Policy
  • Internet Usage Policies
  • Server Policy
  • Wireless Network Policy
  • Incidence Response Plan (IRP)
  • User Access Control Policy
  • Switch Security Policy
  • Intrusion Detection and Prevention (IDS/IPS) Policy
  • Personal Device Usage Policy
  • Encryption Policy
  • Router Policy
  • Security Policy Training and Awareness
  • ISO Information Security Standards
  • Payment Card Industry Data Security Standard (PCI-DSS)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Information Security Acts: Sarbanes Oxley Act (SOX)
  • Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
  • Information Security Acts: The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
  • Other Information Security Acts and Laws

Module 05: Physical Security

  • Physical Security
  • Access Control Authentication Techniques
  • Physical Security Controls
  • Digital locks
  • Other Physical Security Measures
  • Workplace Security
  • Personnel Security: Managing Staff Hiring and Leaving Process
  • Laptop Security Tool: EXO5
  • Environmental Controls
  • Physical Security: Awareness /Training
  • Physical Security Checklists

Module 06: Host Security

  • Host Security
  • OS Security
  • Linux Security
  • Securing Network Servers
  • Hardening Routers and Switches
  • Application/software Security
  • Data Security
  • Virtualization Security

Module 07: Secure Firewall Configuration and Management

  • Firewalls and Concerns
  • What Firewalls Does?
  • What should you not Ignore?: Firewall Limitations
  • How Does a Firewall Work?
  • Firewall Rules
  • Types of Firewalls
  • Firewall Technologies
  • Firewall Topologies
  • Firewall Rule Set & Policies
  • Firewall Implementation
  • Firewall Administration
  • Firewall Logging and Auditing
  • Firewall Anti-evasion Techniques
  • Why Firewalls are Bypassed?
  • Full Data Traffic Normalization
  • Data Stream-based Inspection
  • Vulnerability-based Detection and Blocking
  • Firewall Security Recommendations and Best Practices
  • Firewall Security Auditing Tools

Module 08: Secure IDS Configuration and Management

  • Intrusions and IDPS
  • IDS
  • Types of IDS Implementation
  • IDS Deployment Strategies
  • Types of IDS Alerts
  • IPS
  • IDPS Product Selection Considerations
  • IDS Counterparts

Module 09: Secure VPN Configuration and Management

  • Understanding Virtual Private Network (VPN)
  • How VPN works?
  • Why to Establish VPN ?
  • VPN Components
  • VPN Concentrators
  • Types of VPN
  • VPN Categories
  • Selecting Appropriate VPN
  • VPN Core Functions
  • VPN Technologies
  • VPN Topologies
  • Common VPN Flaws
  • VPN Security
  • Quality Of Service and Performance in VPNs

Module 10: Wireless Network Defense

  • Wireless Terminologies
  • Wireless Networks
  • Wireless Standard
  • Wireless Topologies
  • Typical Use of Wireless Networks
  • Components of Wireless Network
  • WEP (Wired Equivalent Privacy) Encryption
  • WPA (Wi-Fi Protected Access) Encryption
  • WPA2 Encryption
  • WEP vs. WPA vs. WPA2
  • Wi-Fi Authentication Method
  • Wi-Fi Authentication Process Using a Centralized Authentication Server
  • Wireless Network Threats
  • Bluetooth Threats
  • Wireless Network Security
  • Wi-Fi Discovery Tools
  • Locating Rogue Access points
  • Protecting from Denial-of-Service Attacks: Interference
  • Assessing Wireless Network Security
  • Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
  • WPA Security Assessment Tool
  • Wi-Fi Vulnerability Scanning Tools
  • Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS)
  • WIPS Tool
  • Configuring Security on Wireless Routers
  • Additional Wireless Network Security Guidelines

Module 11: Network Traffic Monitoring and Analysis

  • Network Traffic Monitoring and Analysis(Introduction)
  • Detecting ARP Sweep/ ARP Scan Attempt
  • Detecting TCP Scan Attempt
  • Detecting SYN/FIN DDOS Attempt
  • Detecting UDP Scan Attempt
  • Detecting Password Cracking Attempts
  • Detecting FTP Password Cracking Attempts
  • Detecting Sniffing (MITM) Attempts
  • Detecting the Mac Flooding Attempt
  • Detecting the ARP Poisoning Attempt
  • Additional Packet Sniffing Tools
  • Network Monitoring and Analysis
  • Bandwidth Monitoring

Module 12: Network Risk and Vulnerability Management

  • What is Risk?
  • Risk Levels
  • Risk Matrix
  • Key Risk Indicators(KRI)
  • Risk Management Phase
  • Enterprise Network Risk Management
  • Vulnerability Management

Module 13: Data Backup and Recovery

  • Introduction to Data Backup
  • RAID (Redundant Array Of Independent Disks) Technology
  • Storage Area Network (SAN)
  • Network Attached Storage (NAS)
  • Selecting Appropriate Backup Method
  • Choosing the Right Location for Backup
  • Backup Types
  • Conducting Recovery Drill Test
  • Data Recovery
  • Windows Data Recovery Tool
  • RAID Data Recovery Services
  • SAN Data Recovery Software
  • NAS Data Recovery Services

Module 14: Network Incident Response and Management

  • Incident Handling and Response
  • Incident Response Team Members: Roles and Responsibilities
  • First Responder
  • Incident Handling and Response Process
  • Overview of IH&R Process Flow
Read more

Special Notices

This course is DoD 8570 & DoD 8140 compliant.

You will receive your Pearson Vue exam voucher in your course fee, and will need to arrange this at Pearson Vue testing facility.

Once you have completed the course, please submit the course evaluation via the ASPEN portal for your exam voucher to be released.

The EC Council exam is taken post-course, and EC Council recommend additional post-course study in order to fully prepare for it.

Your 6 month access to the iLabs platform will commence once you complete the course.

Please note - Commencing January 1st, 2019, EC-Council will no longer ship out physical certificates. EC-Council certified members can continue to download their e-Certificates from the ASPEN portal. Certified members who still wish to receive a physical certificate may request one via '[email protected]'. Printed certificate requests in the UK will cost $75 ($50 for the US).

Frequently asked questions

See all of our FAQs

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

Learn more about our Virtual Classrooms.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

Learn more about QA’s online courses.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.

When will I receive my certificate?

Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.

Contact Us

Please contact us for more information